Published: 22/07/2012 Updated: 13/02/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and previous versions allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libtiff libtiff 3.4
libtiff libtiff 3.7.0
libtiff libtiff 3.6.0
libtiff libtiff 3.6.1
libtiff libtiff 3.8.0
libtiff libtiff 3.7.3
libtiff libtiff 3.8.1
libtiff libtiff 3.9.3
libtiff libtiff 3.5.7
libtiff libtiff 3.8.2
libtiff libtiff 3.7.2
libtiff libtiff 3.9.2-5.2.1
libtiff libtiff 3.5.3
libtiff libtiff 3.7.1
libtiff libtiff 3.5.4
libtiff libtiff 3.5.2
libtiff libtiff
libtiff libtiff 3.9.2
libtiff libtiff 3.7.4
libtiff libtiff 3.5.5
libtiff libtiff 3.9.0
libtiff libtiff 3.5.6
libtiff libtiff 3.5.1
libtiff libtiff 3.9.1
libtiff libtiff 3.9

Synopsis Important: libtiff security update Type/Severity Security Advisory: Important Topic Updated libtiff packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as havingimportant security impact Common Vu ...

The TIFF library could be made to crash or run programs as your login if it opened a specially crafted file ...

Debian Bug report logs - #688944 tiff: CVE-2012-4447 Package: tiff; Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 27 Sep 2012 07:30:18 UTC Severity: grave Tags: security Fixed in versions tiff/402-3, tiff/394-5+squeeze6 Done: Jay Be ...

Debian Bug report logs - #678140 Two tiff issues: CVE-2012-2113 / CVE-2012-2088 Package: tiff; Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Moritz Muehlenhoff <muehlenhoff@univentionde> Date: Tue, 19 Jun 2012 14:09:03 UTC Severity: grave Tags: security Found in version 394-5+sque ...

Several vulnerabilities were discovered in TIFF, a library set and tools to support the Tag Image File Format (TIFF), allowing denial of service and potential privilege escalation These vulnerabilities can be exploited via a specially crafted TIFF image CVE-2012-2113 The tiff2pdf utility has an integer overflow error when parsing images CVE-2 ...

libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code (CVE-2012-2088) Multiple integer overflow flaws, leadin ...

CWE-189 https://bugzilla.redhat.com/show_bug.cgi?id=832864 http://www.securityfocus.com/bid/54270 http://secunia.com/advisories/49686 http://rhn.redhat.com/errata/RHSA-2012-1054.html https://hermes.opensuse.org/messages/15083566 http://www.mandriva.com/security/advisories?name=MDVSA-2012:101 http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html http://secunia.com/advisories/50726 http://security.gentoo.org/glsa/glsa-201209-02.xml http://support.apple.com/kb/HT6163 http://support.apple.com/kb/HT6162 http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00010.html https://access.redhat.com/errata/RHSA-2012:1054 https://usn.ubuntu.com/1498-1/https://nvd.nist.gov

CVE-2012-2088

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect